Figuring out how to fix broken Debian packages? This guide will show you how with Debian and Debian-based Linux distributions like Ubuntu. It explains how to resolve the “Unable to correct problems, you have held broken packages” error and understand the cause of package problems in Debian.
Understanding the “you have held broken packages” error
A ‘held’ package has been held back by the Debian package manager, meaning that it will not be upgraded even if a newer version is available in order to prevent potential compatibility or stability issues. Packages will be automatically held if they have unmet or broken dependencies. For example, a package may rely on a different version of another package that is already installed. System administrators can also manually hold packages that they do not want to be automatically updated.
For most users who aren’t tinkering behind the scenes, the “Unable to correct problems, you have held broken packages” error is most commonly caused by one of two things: either you’ve installed packages from a PPA or third-party repository that conflict or an update from an official repository was interrupted and did not complete.
Stop reacting—start leading. Learn how to shift to a proactive IT management strategy with our step-by-step guide. Get started.
Troubleshooting held package errors in Debian and Ubuntu
To troubleshoot unmet and broken dependency errors in Debian and Ubuntu, you need to identify which packages are causing the message.
To do this, you can use the apt package manager to check for broken packages by running:
sudo apt-get check
This will check the package database for broken packages and list them. If a package issue is found, the apt command output will look something like this:
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages have unmet dependencies:
package_1 : Depends: package_2 (>= 1.0.0) but it is not installed
package_3 : Depends: package_4 but it is not installed
E: Unmet dependencies. Try using -f.
This tells you exactly which packages are perhaps being held and preventing further updates. You can specifically search for held packages by running:
sudo apt list –upgradable
Held packages will show [held back] next to their entry:
Listing… Done
package_1/stable 1.2.3-4 amd64 [upgradable from: 1.2.2-3]
package_2/stable 2.3.4-5 amd64 [held back]
package_3/stable 3.4.5-6 amd64 [upgradable from: 3.4.4-5]
You can also run apt-mark to list all held packages:
sudo apt-mark showhold
The apt command you are using to update or install software itself may also tell you what packages are causing the issue:
$ sudo apt install package_1
Reading package lists… Done
Building dependency tree
Reading state information… Done
Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
package_1 : Depends: package_2 (>= 2.0) but it is not going to be installed
E: Unable to correct problems, you have held broken packages.
Notice the list of packages with unmet dependencies towards the end of the output.
You can get more specific information about a package and its dependencies by running the following apt search command:
sudo apt search package_name
This will return information about the package versions and its dependencies:
package_name/focal 1.2.3-4 amd64
Next, to find out what available versions of the held package are available in all of your repositories, run:
sudo apt list -a package_name
This will output something like :
package_name/focal 1.2.3-4 amd64
package_name/focal-updates 1.2.3-5 amd64
package_name/focal-backports 1.2.3-6 amd64
Then, you can inspect the dependencies for the package:
sudo apt-cache depends package_name
Once you have identified which packages are triggering unmet or broken dependency errors and understand why they are being held, you can move forward with fixing them.
Fixing broken Debian and Ubuntu packages
To correct issues with held packages in Debian and Ubuntu, including the “You have held broken packages” error, you can try the following methods.
First, you should update your package lists and update your installed packages by running:
sudo apt update
sudo apt upgrade
And then re-trying the installation. Often, and especially when you have third party software repositories, ensuring that all package lists are up to date will resolve the issue.
You may also try manually installing dependencies by running:
sudo apt install dependency_name
If you need to remove conflicting dependencies, you can run:
sudo apt remove package_name
…and if you want to completely remove a package, including all configuration files, run:
sudo apt remove –purge package_name
It is recommended to run apt autoremove after this to remove any dependencies that may have been automatically installed during previous attempts, so that you can start with a fresh slate.
As always, you should check what each command does, and assess the potential impact on your system before running it. If you are concerned about running an apt command, you can simulate it using the –dry-run parameter to inspect the output without actually making changes to your system:
sudo apt install package_name –dry-run
If all else fails, you can try manually unholding the package, though this is not recommended, as usually they remain held for a reason and you should take all measures to use the package manager to solve dependency problems.
Manually unhold a held package by running:
sudo apt-mark unhold package_name
Before attempting to install the package again, you should try to force apt to fix any remaining missing dependencies and dependency problems by running:
sudo apts install –fix-broken
Note that –fix-broken will not install held packages if they still remain.
You should test your system thoroughly after performing any troubleshooting or repair steps: try and re-run apt update and apt upgrade and ensure that both commands complete without error. In mission-critical environments, you should also test the functionality of your system (for example, if you are working on a web server, ensure that the web applications are available and functional). You should also keep an eye on your system and error logs to make sure that all issues are fully resolved, and that no incompatibility issues have been introduced.
Preventative measures to protect against unmet dependencies
There are several preventative measures that you should take to avoid running into unmet dependency errors and broken packages in Debian and Ubuntu Linux:
- Keep packages up to date: Regularly update your software by running apt update and apt upgrade.
- Keep package sources/lists up to date: In addition to running apt update to keep your software sources updated, check your /etc/apt/sources.list file and /etc/apt/sources.list.d/ directory for any unexpected or outdated entries.
- Carefully managing software repositories: Along with keeping your Linux servers secure, only adding trusted third-party software repositories to your system (and carefully vetting any other programs you download) will help prevent introducing package issues.
- Set up automated package management tools: If you’re in charge of a fleet of Linux machines, consider rolling out tools that help you remotely monitor, preempt, and resolve potential system stability and compatibility issues.
- Backup: Take regular full backups of your Linux systems so that you can roll back to a known good state if something goes drastically wrong.
You should also make sure that you clean up after your package manager by regularly removing dependencies that have been left behind by uninstalled packages and clearing the package cache. These tasks can be done by running:
sudo apt autoremove
sudo apt autoclean
sudo apt clean
The apt autoremove command removes automatically installed packages (for example, those installed to satisfy other package dependencies) that are no longer needed. The apt autoclean command removes outdated files, including partially installed packages, and finally the apt clean command removes other unneeded package files, including those for currently installed packages.
After cleaning up, you should always run apt update to ensure you have the latest package lists.
Ensuring the ongoing stability of your Linux deployments
Fully resolving the “Unable to correct problems, you have held broken packages” error and other unmet or broken dependency issues on Debian and Ubuntu Linux will get you back up and running, but you should consider your overall Linux system management practices and how the issue may have arisen in the first place.
Fixing broken packages is not the only maintenance task that you will need to perform to keep your Linux infrastructure online and secure, and these tasks aren’t always as simple as running a few terminal commands. NinjaOne provides a proven Linux endpoint management solution that allows you to manage, patch, and secure Linux endpoints at scale.